[Help-gnutls] Re: Certificate verification when using OpenPGP certificates

Simon Josefsson simon at josefsson.org
Thu Mar 15 12:40:49 CET 2007


Matthias Wimmer <m at tthias.eu> writes:

> Hi!
>
> Is there any example or documentation how to do certificate
> verification, if the peer used an OpenPGP key to authenticate? The
> OpenPGP example distributed with GnuTLS (ex-serv-pgp.c) does not do
> any verification.
>
> I guess that I have to use gnutls_certificate_verify_peers2() first
> and if that succeeds, all that is left to do is to check if the
> OpenPGP key contains one ID that matches what I expect the peer to be.
> Do I have to check anything else? E.g. expiration of the key (as I
> would have to do with X.509 certificates, but there does not seem to
> be a function for that) or the self signature of the key (I'd expect
> that this might already have been done by
> gnutls_certificate_verify_peers2())?

I don't really know.  The draft-ietf-tls-openpgp-keys-11.txt document says:

   Considerations about the use of the web of trust or identity and
   certificate verification procedure are outside the scope of this
   document.  These are considered issues to be handled by the
   application layer protocols.

So it doesn't give much guidance.  gnutls_certificate_verify_peers2,
via _gnutls_openpgp_verify_key, does check signatures against the
keyring/trustdb, and the self signature, but nothing else as far as I
can tell.

The code for gnutls-serv, see print_openpgp_info in src/common.c,
suggests several checks.  Identity check:

	  if (gnutls_openpgp_key_check_hostname (crt, hostname) == 0)
	    {
	      printf
		(" # The hostname in the key does NOT match '%s'.\n",
		 hostname);
	    }
	  else
	    {
	      printf (" # The hostname in the key matches '%s'.\n", hostname);
	    }

Expiration check:

      activet = gnutls_openpgp_key_get_creation_time (crt);
      expiret = gnutls_openpgp_key_get_expiration_time (crt);

      printf (" # Key was created at: %s", my_ctime (&activet));
      printf (" # Key expires: ");
      if (expiret != 0)
	printf ("%s", my_ctime (&expiret));
      else
	printf ("Never\n");

Possibly we could add an API to GnuTLS to check these things too.  It
seems error prone that every application needs to do the same kind of
checks.  Maybe even gnutls_certificate_verify_peers2 should do this.

/Simon
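The combined check discussed in this thread, written out as an added example (it is not code from the thread, from GnuTLS or from gnutls-serv). It takes as plain arguments the values the GnuTLS 1.x calls named above return: the status word filled in by gnutls_certificate_verify_peers2, the result of gnutls_openpgp_key_check_hostname, and the creation/expiration times from gnutls_openpgp_key_get_creation_time and gnutls_openpgp_key_get_expiration_time. Because the values are passed in rather than fetched, the file builds and runs without GnuTLS installed; the PEER_CERT_* bit positions, the PGP_* verdicts and the pgp_* function names are assumptions made for this example, and the sample inputs in main are constructed.

```c
#include <stdio.h>
#include <time.h>

/*
 * Added example, not GnuTLS or gnutls-serv code.  Combines the checks
 * discussed in the thread into one policy decision for an OpenPGP peer.
 * All inputs are the plain values the GnuTLS 1.x calls return, so this
 * file builds and runs without GnuTLS installed.
 */

/* Status bits modelled on gnutls_certificate_status_t.  The bit positions
 * are an assumption for this example; a real program takes them from the
 * GnuTLS header it links against. */
#define PEER_CERT_INVALID          (1u << 1)
#define PEER_CERT_REVOKED          (1u << 5)
#define PEER_CERT_SIGNER_NOT_FOUND (1u << 6)
#define PEER_CERT_SIGNER_NOT_CA    (1u << 7)

/* Seconds of clock skew tolerated when a creation time lies in the future. */
#define PGP_CLOCK_SKEW 300

enum pgp_verdict {
    PGP_OK = 0,
    PGP_REJECT_REVOKED,       /* keyring/trustdb says the key is revoked */
    PGP_REJECT_UNTRUSTED,     /* any other non-zero verification status */
    PGP_REJECT_EXPIRED,       /* expiration time set and already passed */
    PGP_REJECT_NOT_YET_VALID, /* creation time lies in the future */
    PGP_REJECT_IDENTITY       /* no user ID in the key names the expected host */
};

/*
 * status  : status word filled in by gnutls_certificate_verify_peers2()
 * host_ok : return value of gnutls_openpgp_key_check_hostname(); 0 = no match
 * created : gnutls_openpgp_key_get_creation_time()
 * expires : gnutls_openpgp_key_get_expiration_time(); 0 means "never"
 * now     : the caller's clock, passed in so the decision is reproducible
 */
enum pgp_verdict pgp_peer_acceptable(unsigned int status, int host_ok,
                                     time_t created, time_t expires,
                                     time_t now)
{
    /* 1. Trust: signatures against the keyring/trustdb and the self
     *    signature must have verified.  Revocation gets its own verdict
     *    because it deserves a louder log line than an unknown signer. */
    if (status & PEER_CERT_REVOKED)
        return PGP_REJECT_REVOKED;
    if (status != 0)
        return PGP_REJECT_UNTRUSTED;

    /* 2. Lifetime: 0 means "never expires" in this API, so only a non-zero
     *    expiration time is compared against the clock. */
    if (expires != 0 && expires <= now)
        return PGP_REJECT_EXPIRED;
    if (created > now + PGP_CLOCK_SKEW)
        return PGP_REJECT_NOT_YET_VALID;

    /* 3. Identity last: a hostname match on an untrusted or expired key
     *    proves nothing, so it is only consulted once 1 and 2 pass. */
    if (host_ok == 0)
        return PGP_REJECT_IDENTITY;

    return PGP_OK;
}

const char *pgp_verdict_str(enum pgp_verdict v)
{
    switch (v) {
    case PGP_OK:                   return "accepted";
    case PGP_REJECT_REVOKED:       return "rejected: key revoked";
    case PGP_REJECT_UNTRUSTED:     return "rejected: signature/trust check failed";
    case PGP_REJECT_EXPIRED:       return "rejected: key expired";
    case PGP_REJECT_NOT_YET_VALID: return "rejected: creation time in the future";
    case PGP_REJECT_IDENTITY:      return "rejected: hostname not in key user IDs";
    }
    return "rejected: unknown verdict";
}

int main(void)
{
    /* Constructed inputs; 'now' is a fixed instant so runs are reproducible. */
    const time_t now = 1173958849;   /* mid-March 2007, about when this thread was posted */
    const time_t month_ago = now - 30 * 86400;
    struct { unsigned s; int h; time_t c, e; const char *label; } cases[] = {
        { 0,                          1, month_ago,  0,           "good key, no expiry" },
        { 0,                          1, month_ago,  now + 86400, "good key, expires tomorrow" },
        { PEER_CERT_REVOKED,          1, month_ago,  0,           "revoked key" },
        { PEER_CERT_SIGNER_NOT_FOUND, 1, month_ago,  0,           "signer not in keyring" },
        { 0,                          1, month_ago,  now - 1,     "expired a second ago" },
        { 0,                          1, now + 3600, 0,           "created an hour in the future" },
        { 0,                          0, month_ago,  0,           "wrong hostname" },
    };
    size_t i;
    for (i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-32s -> %s\n", cases[i].label,
               pgp_verdict_str(pgp_peer_acceptable(cases[i].s, cases[i].h,
                                                   cases[i].c, cases[i].e, now)));
    return 0;
}
```

The order of the three steps is the point: the hostname check is only meaningful for a key whose signatures have verified and whose lifetime is current, so it comes last, and an expiration time of 0 is treated as "never" exactly as the gnutls-serv output above does.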
